We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

PetSmart Notifies Customers of Cyberattack

PetSmart Notifies Customers of Cyberattack
Husain Parvez Published on 9th March 2024 Cybersecurity Researcher

PetSmart has recently informed its customers of a credential stuffing attack, prompting an immediate reset of passwords for affected accounts. The pet retail giant currently has over 60 million customers.

The attack leveraged usernames and passwords exposed in prior breaches to gain unauthorized access. In response, PetSmart took proactive measures, stating the following in an email sent to affected customers, as reported by BleepingComputer: "In an abundance of caution to protect you and your account, we have inactivated your password on petsmart.com".

Once a threat actor compromises an account in a credential stuffing attack, it can be used to make fraudulent purchases and send spam, or as a platform for further attacks. It’s also common for threat actors to sell such compromised accounts to other cybercriminals.

Credential stuffing attacks are not new and have targeted various companies in the past. PetSmart's recent experience underscores the persistent threat of hackers in the digital landscape. Stating that “fraudsters are constantly trying to obtain user names and passwords," PetSmart advised its customers to use strong, unique passwords and to vigilantly monitor account activity.

PetSmart also clarified in its email alert that there is no indication that its website or any of its systems were compromised, with the attack only seeming to affect customer accounts.

This incident isn’t the only one that’s currently affecting American shoppers — we recently reported on a breach that leaked American Express card details. Not only does the American populace have to worry about hackers, but the violation of their privacy by federal agencies, with the recent revelation that the NSA has been purchasing American’s browsing data without a warrant.

About the Author

Husain Parvez is a Cybersecurity Researcher and News Writer at vpnMentor, focusing on VPN reviews, detailed how-to guides, and hands-on tutorials. Husain is also a part of the vpnMentor Cybersecurity News bulletin and loves covering the latest events in cyberspace and data privacy.

Please, comment on how to improve this article. Your feedback matters!

Leave a comment

Sorry, links are not allowed in this field!

Name should contain at least 3 letters

The field content should not exceed 80 letters

Sorry, links are not allowed in this field!

Please enter a valid email address